Security Roundup: Tech Data, CenturyLink, Duo-Sophos, 2nd Watch

Tech Data's RECON security suite includes several subscription-based offerings.

Edward Gately, Senior News Editor

June 30, 2018

8 Min Read

At its Channel Link conference this week in Austin, Texas, IT distributor Tech Data unveiled new offerings as part of its RECON Security Suite, providing access for partners to smaller, lesser-known security vendors.

In addition to the original 24×7 security monitoring service, now called RECON SOC and delivered by BlackStratus’ CYBERShark, the suite includes several subscription-based security offerings. Alex Ryals, Tech Data’s vice president of security solutions, tells us the goal here is not to compete with the bigger vendors like Cisco and Fortinet, but instead to “fill gaps sort of in the portfolio of some of our larger vendors with unique solutions that I think are interesting.”


Tech Data’s Alex Ryals and Tracy Holtz at Channel Link 2018.

“I talk to three or four vendors a week in the security space, and whenever I see someone that I’m like, ‘Huh, that’s really an interesting idea, and I want to invest in them, but I don’t know what that looks like,’ we’ve come up with this RECON security suite as a way to bring a voice to some of the smaller vendors that we want our partners to know about — people I think are going to be a name you’ll hear about more in a couple of years,” he said.

All of the offerings are niche in the way they solve unique problems in cybersecurity, Ryals said. And the suite is aligned with the NIST Cybersecurity Framework of identify, protect, detect, respond and recover.

“These categories are a great way for a partner to position a holistic security posture to the customer,” he said. “So I wanted to position these offerings in the same way because we’re already teaching our partners how to leverage the NIST framework to better tell a story.”

The new offerings include:

  • RECON Policy, a library of more than 200 different security policy documents pre-developed so customers can use them to comply with regulations or to vet a cloud provider.

  • RECON Radar (Pwnie Express), which discovers, fingerprints and inventories all IT and Internet of Things (IoT) devices and then monitors the behavior of network devices for indicators of compromise or sabotage, and provides direct response to neutralize the threats.

  • RECON Priority (Cyr3con), which provides cyberthreat intelligence, mined from the dark web, to prioritize vulnerabilities and security threats in the customer’s environment and assist in prioritizing patches customers should apply to their critical business system.

  • RECON ProServ, a catalog of security services offered by Tech Data and its security partners.

  • RECON Risk (Arx Nimbus), which assesses security risk by inputting quantitative capabilities and financial data into an insurance-grade algorithm to inform company executives on the financial benefits to mitigating a security limitation or the risk/cost of not spending the money to mitigate that security vulnerability.

  • RECON Restore, a set of backup/recovery vendors from Tech Data, such as Veeam and Veritas.

“We hope to launch two, possibly three (suite offerings) each quarter,” Ryals said. “We’ve already got next quarter’s two lined up today that will all be ready to go. These are all based on feedback from partners on what they’d like to see. I talk to three to five partners a week, and my team talks to 40 partners a week, so we won’t be short on feedback.”

Partners, we want your thoughts on IT and data-center security trends. Take our survey now!

Tracy Holtz, Tech Data’s director of security and information management, tells us all partner types can benefit from the security suite.

“MSPs are more equipped in terms of their practices around building a business based on subscription that they’ll naturally adopt those solutions and bring them into their portfolio,” she said. “But certainly VARs and resellers can …

… always look to augment what they’re offering today around their cybersecurity portfolio.”

Cybersecurity Still Not a Top priority for Many Companies

Cybersecurity has become a critical business function, yet it remains a non-core competency for a significant number of boards, according to a new report by GlobalData.

GlobalData figures show that companies globally spent a combined $114 billion on security products, both hardware and software, and services in 2017. By 2021, the figure is expected to have exceed $140 billion, at a compound annual growth rate (CAGR) of 6 percent.

Spending on services accounted for 68 percent of total spending in 2017 and this share will remain relatively steady through 2021, despite the CAGR of the services segment being outstripped by that of products, according to GlobalData.

Chief information security officers (CISOs) have become increasingly common in recent years, with recent research suggesting nearly two-thirds of large U.S companies now have a CISO position. However, most do not report directly to the CEO, which reduces their effectiveness, GlobalData said.

‘The frequency of cyberattacks is only likely to accelerate over the coming years; therefore, it is vital that senior executives have a full understanding of the inherent risks and implications,” said Cyrus Mewawalla, GlobalData’s head of thematic research. “The losers will be those companies whose boards do not take cybersecurity seriously, as they run a higher risk of being hacked.’’

It’s difficult to assess a company’s exposure to cybersecurity risk, but the composition of the board often provides clues: CEOs who do not have a CISO reporting directly to them present a high risk, he said.

“Traditionally, most companies have adopted a prevention-based approach to cybersecurity, but recent advances in technology areas like machine learning are enabling a move toward active detection of threats,” Mewawalla said.

CenturyLink is enhancing its Security Log Monitoring offering with correlated threat intelligence, new cloud-security monitoring features and a real-time mobile application for threat detection and response.

The enhancements aim to help enterprises address the “often overlooked threats within their networks.” Ponemon Institute found security events caused by insiders cost organizations $26.5 million in the past year, with an average price tag of $8.7 million.

“Most businesses pay little mind to the security risks within their hybrid environments — from their premises and their cloud workloads, to their remote employees,” said Chris Richter, CenturyLink’s vice president of global security services. “Security Log Monitoring offers customers a single view into their dispersed network environments and delivers actionable intelligence to address internal threats without opening the floodgates of false positive alerts.”

Security Log Monitoring recognizes hundreds of common log source types, including those from VPNs, firewalls, databases, cloud infrastructure and …

… servers.

“Enterprises today cannot afford gaps in their ability to see and stop evolving cyberthreats,” said Christina Richmond, program vice president for IDC’s security services research practice. “It’s imperative they find the right balance between evaluating external threats and those that lurk within their internal ecosystems, including a myriad of network devices and cloud services.”

Duo, Sophos Partner for Mobile Workforce Security

Duo Security has introduced an integration with Sophos Mobile that’s designed to help organizations support their growing mobile workforce while ensuring mobile security, whether their end-user devices are personal or corporate-issued.

The integration with Sophos Mobile allows Duo Beyond’s endpoints feature to identify managed and unmanaged mobile devices that are attempting to access their corporate applications. By evaluating the device-management status before granting user access to web applications, administrators gain visibility into all devices connecting to their corporate assets, according to Duo.

“The way we work is changing and it’s our job as security professionals to help enable our workforce,” said Ross McKerchar, Sophos’ chief information officer. “Security practitioners need to think about how we can move beyond traditional mobile-device-management (MDM) approaches, as it may not be appropriate for every device. When using Sophos Mobile with Duo Beyond, customers are able to set more informed access policies while accommodating the growing population of personal devices and cloud-based applications.”

2nd Watch Unveils Cloud Vulnerability Assessment

2nd Watch has rolled out a new security offering for companies in highly regulated industries using a combination of cloud platforms.

The SaaS-based solution offers ongoing scanning, assessment, auditing and remediation of security threats through a central management console. Companies also gain access to workload and application insights from 2nd Watch, providing enterprise IT and security professionals with support for governance and compliance issues, according to the company.

“The 2nd Watch vulnerability assessment offering is an enterprise-grade security management solution designed to provide instant insights and remediation capabilities across the leading cloud infrastructure platforms,” said Jeff Aden, 2nd Watch’s executive vice president of marketing and business development. “From a central management console, users can see the latest security threats as they’re happening, without regard to the cloud platform from which they’re emanating. The system is easy to implement and use, and it’s highly customizable. Nearly every large company is using more than one cloud platform. Our offering solves a significant problem for organizations in this camp.”

The service allows for application/workload remediation, scope of health reporting, and compliance and governance reporting. It also supports multiple implementation vectors, including agent-based, agentless and CSP-centric tooling, and has been optimized to work with Amazon Web Services (AWS) and Microsoft Azure cloud infrastructure.

Read more about:


About the Author(s)

Edward Gately

Senior News Editor, Channel Futures

As news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like